32 matches found
EUVD-2015-7306
Malware in sbrugna...
EUVD-2015-5951
Malware in sbrugna...
EUVD-2008-6370
Malware in sbrugna...
refbase.vbi.vt.edu XSS vulnerability
Open Bug Bounty ID: OBB-448413 Description| Value ---|--- Affected Website:| refbase.vbi.vt.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...
refbase.wsulibs.wsu.edu XSS vulnerability
Vulnerable URL: http://refbase.wsulibs.wsu.edu/yellowstone/error.php?errorNo=10%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...
Web Reference Database Multiple Vulnerabilities
Reference Database is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:refbase:refbase";...
CVE-2015-7382
SQL injection vulnerability in install.php in Web Reference Database aka refbase through 0.9.6 allows remote attackers to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009...
CVE-2015-7381
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary PHP code via the 1 pathToMYSQL or 2 databaseStructureFile parameter, a different issue than CVE-2015-6008...
CVE-2015-6012
Multiple open redirect vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the referrer parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to inject arbitrary web script or HTML via the 1 errorNo or 2 errorMsg parameter to error.php; the 3 viewType parameter to...
Sql injection
Multiple SQL injection vulnerabilities in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary SQL commands via 1 the where parameter to rss.php or 2 the sqlQuery parameter to search.php, a different issue than CVE-2015-7382...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary PHP code via the 1 pathToMYSQL or 2 databaseStructureFile parameter, a different issue than CVE-2015-6008...
CVE-2015-6012
CVE-2015-6012 concerns Web Reference Database (refbase) open redirect via the referrer parameter. Connected sources confirm multiple open redirect vulnerabilities affecting refbase versions 0.9.6 and earlier, with exploitation enabling phishing by redirecting users to arbitrary sites. The core de...
CVE-2015-7381
Web Reference Database (refbase)
CVE-2015-6011
CVE-2015-6011 affects the Web Reference Database (refbase) prior to 0.9.6 (and bleeding-edge builds before 2015-01-08). The vulnerability is an XML injection via the unapi.php id parameter or the sru.php stylesheet parameter. Technical detail across connected sources confirms this is an XML injec...
CVE-2015-7382
The connected documents confirm a SQL injection vulnerability in Web Reference Database (refbase) through version 0.9.6, exploitable via the defaultCharacterSet parameter in install.php, enabling remote execution of arbitrary SQL commands. This CVE is distinct from CVE-2015-6009 and is listed amo...
CVE-2015-6010
CVE-2015-6010 affects Web Reference Database (refbase) versions 0.9.6 and earlier/bleeding-edge before 2015-01-08, with multiple vulnerabilities enabling remote XSS via numerous parameters (e.g., error.php: errorNo/errorMsg; duplicate_manager.php: viewType; query_manager.php: queryAction, display...
CVE-2015-7383
The CVE-2015-7383 entries relate to Web Reference Database (refbase). Public docs confirm multiple cross-site scripting (XSS) vulnerabilities in refbase up to version 0.9.6 and bleeding-edge builds as of 2015-04-28. The root cause is likely insufficient input sanitization in parameters passed to ...
CVE-2015-6007
CVE-2015-6007 concerns Web Reference Database (refbase) up to version 0.9.6, with multiple reported vulnerabilities in a single entry. Public sources document a CSRF flaw allowing attackers to hijack user sessions, and the consolidated OpenVAS entry lists additional issues in the same 0.9.6+ bran...
CVE-2015-6008
CVE-2015-6008 affects Web Reference Database (refbase) install.php up to version 0.9.6. A remote attacker can execute arbitrary PHP code by manipulating the adminPassword parameter, enabling remote code execution. This is a confirmed vulnerability entry with corroborating references indicating a ...